Date: Thu, 15 Dec 2022 05:52:03 GMT
Message-Id: <202212150552.2BF5q3Tr009611@gitrepo.freebsd.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
From: Gordon Tetlow Subject: git: 512f2bb33b - main - Update SA-22:15.ping for credit, impact, and a spelling mistake. List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-doc-all@freebsd.org X-BeenThere: dev-commits-doc-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 512f2bb33b8b5b3e071cc45cda5374d3a1775b20 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by gordon (src committer): URL: https://cgit.FreeBSD.org/doc/commit/?id=512f2bb33b8b5b3e071cc45cda5374d3a1775b20 commit 512f2bb33b8b5b3e071cc45cda5374d3a1775b20 Author: Gordon Tetlow AuthorDate: 2022-12-15 05:50:59 +0000 Commit: Gordon Tetlow CommitDate: 2022-12-15 05:51:47 +0000 Update SA-22:15.ping for credit, impact, and a spelling mistake. Approved by: so --- .../security/advisories/FreeBSD-SA-22:15.ping.asc | 38 ++++++++++++---------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/website/static/security/advisories/FreeBSD-SA-22:15.ping.asc b/website/static/security/advisories/FreeBSD-SA-22:15.ping.asc index 53807fc550..5c4224ec06 100644 --- a/website/static/security/advisories/FreeBSD-SA-22:15.ping.asc +++ b/website/static/security/advisories/FreeBSD-SA-22:15.ping.asc @@ -10,7 +10,7 @@ Topic: Stack overflow in ping(8) Category: core Module: ping Announced: 2022-11-29 -Credits: Tom Jones +Credits: NetApp, Inc. Affects: All supported versions of FreeBSD. Corrected: 2022-11-29 22:56:33 UTC (stable/13, 13.1-STABLE) 2022-11-29 23:00:43 UTC (releng/13.1, 13.1-RELEASE-p5) 
@@ -23,6 +23,11 @@ For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . +0. Revision History + +v1.0 2022-11-29 -- Initial release +v1.1 2022-12-14 -- Corrected Credits and updated Impact section. + I. Background ping(8) is a program that can be used to test reachability of a remote @@ -49,11 +54,10 @@ pr_pack() overflows the destination buffer by up to 40 bytes. III. Impact The memory safety bugs described above can be triggered by a remote -host, causing the ping program to crash. It may be possible for a -malicious host to trigger remote code execution in ping. +host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected -versions of FreeBSD and is thus very constrainted in how it can interact +versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. IV. Workaround 
@@ -145,17 +149,17 @@ The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- -iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmOGlvgACgkQ05eS9J6n -5cIQGw//ZiF50YbtOc7oYgVcJTGlBEAbKWV6OteTDpXWb/OlwkznGxwzrG0DPvWN -wHyItOPSAmdxqC4xZUsZh9HNxlim80r5TR1y4BE22Lsg2vL5Ir0h3tcqOKKpHYLS -KzNgishF1+J56JeU3TpTjOe5QbXK3EZiw092lH8uSXTp3PqcHxBfFuW9Cjc1Rq/u -ewjHWI7zNCMOpGh3w/v14ZxGl3aFusL1jmrcyi5kZub2Pr0N3bUKgS3/3wXfWF6o -hcFhl1ChmAwpT/1313LNE7SHPl4HCC5XK4r3w+wniLjOJUhnioOBjay29QLt5O53 -0rYaINNvo7ooBSpcPO9ixta+7dqah+uuW3vnFewuahqNCaAGLhMDSPqyZW7KfYgU -F7TIDoBRHPHASFb3FOiAAcCNMCvmGl7vFyVoWe0xJ1ion2jqO83R8XOGgnHsPL/l -cTYTPdECPMIDMvmfIH9UAbNCzKEYdNjWsXUjFJKkxCBtwUcBRsn1TEu24zU2j9mS -hRlY1DAYVy8raYUnQp/f6Llroim5DKyUYpJpeB3j//Fk6KACRnZKsqsSIj9U3OYf -KD6zfJ35RrolPHePMPmy6vGPDYFocDo+YQSm1eauwfSeDGnsjBmIdzxahkgEav4Z -5agsPd2naEntMiJkGGgeuYCifEvkCttJbuTn2s+7VkuTap0uTuA= -=rown +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmOatTwACgkQ05eS9J6n +5cJuig/8DQ3kQmQN8R7W+tFrtYmA/tIQYs+t5Eenx2Qc3XynQOuk7KQTHv0mFWLJ +zEPy5fB8iwcZnR5ZDL2H5J3vJ2tBdukFMU/nGqIWeJEzIJa0G2/KriZFxz5QnJFQ +bJ/4IVWNPyW0G4jredOVtjOo1J3FuftNJ/cpcbcYM0/f+7WfmVxAwN7ngtV0DtMT +G+s883BsVXNNHOShqulGelIa1fAgTjP9N9cZyFwgW8sGmDtqswoUOcpLnSxkPrK9 +N06gNKPePhN47LUr02JVIQe+ERO5ss8bXQrSO1GNWt4tPynWYXfmiqDBmIjAdhIK +/gEbEnR/roD5qX86hr5sFqPe90hurrXRT0gNo6mrWVKVUTHsTjvr+DBWy8WlEhzM +e8SmJzK06rD1T9bjRnobzF3dD46VccdMYVdakFeAfwNa2bplmABWcGBAdCrwgOyU +qs+cv9DdAfyHVmniKZrsZWTC9KBsi+8hSqhsF5uR+J5hAynBt9rsCXig9lQaFojW +uzOaLsIwtrvjn977S/Smkq9vAMh0k4QuQgwZqZAZZTGpYHqEtDIho7sJfTO+vuPP +t4N23FnrMyK8sCiwweYI4hNHqPVwRGD/nvRadZYOgSLTLN5rZAi+JhJWXc7J5unE +ssgWSH/7mcxHbOT7aW6Rs40zCWkMcrgrp33fEBgXWwuStGOQ6jY= +=ADME -----END PGP SIGNATURE-----
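Review bot: the Credits change in the first hunk (`-Credits: Tom Jones` / `+Credits: NetApp, Inc.`) replaces an individual with an organisation, and the commit message only says "for credit". One sentence in the commit message saying why the attribution was corrected would let someone reading the history tell a deliberate correction from an accidental removal of the original name.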
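Review bot: the v1.1 entry in the new "0. Revision History" section is dated 2022-12-14, but this commit's AuthorDate is 2022-12-15 05:50:59 +0000 and the advisory's own "Corrected:" timestamps are given in UTC. Either date the entry 2022-12-15 or confirm that revision dates are intentionally not UTC, so that the revision date and the publication time of the re-signed file do not disagree for anyone correlating them.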
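Review bot: the Impact hunk removes "It may be possible for a malicious host to trigger remote code execution in ping." without giving a reason, and the revision entry records it only as "updated Impact section". The unchanged context still states that pr_pack() overflows the destination buffer by up to 40 bytes, so readers who triaged on v1.0 need to know that the remote code execution statement was withdrawn and on what basis. Suggest saying so explicitly, either in the v1.1 revision line or in a sentence in section III.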
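Review bot: the last hunk swaps the entire armored signature block, which is expected because the clearsigned text changed in the earlier hunks, but nothing visible in the diff shows that the new signature was checked. Confirm that the committed FreeBSD-SA-22:15.ping.asc verifies against the expected signing key before the website is rebuilt, since a mismatch here would make the published advisory fail verification for every reader.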